Merge branch 'patch-22' of https://github.com/carlosmayol/azure-stack-docs-pr into secnu

Author: alkohli

azure-local/manage/manage-secure-baseline.md

@@ -44,6 +44,23 @@ The following table explains the rules that aren't compliant and the rationale o
 | Interactive logon: Message title for users attempting to log on| Not Compliant | Warning - "" is equal to "" |This must be defined by customer, it does not have drift control enabled.|
 | Minimum password length | Not Compliant | Critical - Seven is less than the minumum value of 14. | This must be defined by customer, it does not have drift control enabled in order to allow this setting to align with your organization's policies.|
 
+### Fixing the compliance of the above rules:
+
+To fix the above rules you can follow the next commands, altough you can use any other tool of your preference.
+
+1- Legal notice: Use the below two commands to define a notice when users are logging in the Servers: Values defined is your oranization's choice.
+
+    ```PowerShell
+    Set-ItemProperty -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System" -Name "LegalNoticeCaption" -Value "Legal Notice"
+    Set-ItemProperty -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System" -Name "LegalNoticeText" -Value "LegalNoticeText"
+    ```
+
+2 - Minimum password lenght: Use the below command to set the minimum password lenght policy to 14 characthers on the server. The default value is 7, and any value below 14 will still be flagged by the monitoring baseline policy.
+
+    ```PowerShell
+    net accounts /minpwlen:14
+    ```
+
 ## Manage security defaults with PowerShell
 
 With drift protection enabled, you can only modify nonprotected security settings. To modify protected security settings that form the baseline, you must first disable drift protection. To view and download the complete list of security settings, see [Security Baseline](https://aka.ms/hci-securitybase).